package fuzion24.device.vulnerability.vulnerabilities.kernel;

import android.content.Context;

import java.util.ArrayList;
import java.util.List;

import fuzion24.device.vulnerability.util.CPUArch;
import fuzion24.device.vulnerability.vulnerabilities.VulnerabilityTest;

public class CVE_2011_1149 implements VulnerabilityTest {
    static {
        System.loadLibrary("cve-2011-1149");
    }

    @Override
    public List<CPUArch> getSupportedArchitectures() {
        ArrayList<CPUArch> archs = new ArrayList<>();
        archs.add(CPUArch.ARM);
        archs.add(CPUArch.ARM7);
        return archs;
    }



    /*
        Fixes:

        https://android.googlesource.com/kernel/common/+/c98a285075f26e2b17a5baa2cb3eb6356a75597e
        https://android.googlesource.com/platform/system/core/+/25b15be9120bcdaa0aba622c67ad2c835d9e91ca

        Discussion:
        https://groups.google.com/forum/#!topic/android-security-discuss/Ffl2WMiNaCc

        Exploits:
        http://c-skills.blogspot.com/2011/01/adb-trickery-again.html
        https://github.com/tmzt/g2root-kmod/blob/master/scotty2/psneuter/psneuter.c

        Other:
        https://github.com/ucam-cl-dtg/android-com.device.vulnerability.vulnerabilities/blob/master/input/com.device.vulnerability.vulnerabilities/KillingInTheNameOf_psneuter_ashmem.json
        http://www.cvedetails.com/cve/CVE-2011-1149/
     */


    @Override
    public String getCVEorID() {
        return "CVE-2011-1149";
    }

    @Override
    public boolean isVulnerable(Context context) throws Exception {
        int checkVal = checkASHMemMap();

        if(checkVal == 0) {
            return false;
        }else if(checkVal == 1) {
            return true;
        }else {
            //TODO: grab more information about failure, errno and error string
            throw new Exception("Error running test");
        }
    }

    private native int checkASHMemMap();

}
